20 matches found
CVE-2019-25311 thesystem Persistent XSS
thesystem version 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through multiple server data input fields. Attackers can submit crafted script payloads in operatingsystem, systemowner, systemusername, systempassword,...
CVE-2019-25311
The CVE concerns thesystem version 1.0, which contains a persistent cross-site scripting (XSS) vulnerability. Attackers can inject malicious scripts via multiple server input fields, specifically operating_system, system_owner, system_username, system_password, system_description, and server_name...
PT-2026-7606
Name of the Vulnerable Software and Affected Versions thesystem version 1.0 Description thesystem version 1.0 has a persistent cross-site scripting issue. Attackers can inject malicious scripts through several server data input fields. Specifically, crafted script payloads can be submitted in the...
PT-2025-40118
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to EFI and SSDT handling. Specifically, memory allocated for a new ACPI table is incorrectly freed even when the ACPI core successfully loads th...
Unraid OS Detection (SNMP)
SNMP based detection of Unraid OS. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.153875";...
Axis Devices Detection (SNMP)
SNMP based detection of Axis devices. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.170984";...
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
grub2 安全漏洞
grub2 is a Linux system boot program from the GNU community. A security vulnerability exists in versions of grub2 prior to 2.06 where it incorrectly enables the ACPI command when enabling secure boot. The vulnerability allows an attacker with privileged access to create an auxiliary system...
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
CVE-2017-5256
In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability to update the Device Name and System Description fields in the web administration console, and those fields are vulnerable to persistent cross-site scripting XSS injection...
CVE-2017-5256
In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability to update the Device Name and System Description fields in the web administration console, and those fields are vulnerable to persistent cross-site scripting XSS injection...
CVE-2017-5256
In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability to update the Device Name and System Description fields in the web administration console, and those fields are vulnerable to persistent cross-site scripting XSS injection...
Foreman cross-site scripting vulnerability (CNVD-2017-32872)
Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A cross-site scripting vulnerability exists in versions of Foreman prior to 1.5.2. A remote attacker can...
PT-2017-5876 · Foreman · Foreman
Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 1.5.2 Description: The issue allows remote authenticated users to inject arbitrary web script or HTML via the operating system 1 name or 2 description. Recommendations: For versions prior to 1.5.2, update to version...
foreman: XSS with operating system name/description
Multiple cross-site scripting XSS vulnerabilities in Foreman before 1.5.2 allow remote authenticated users to inject arbitrary web script or HTML via the operating system 1 name or 2 description...
Emerson Network Power Avocent MergePoint Unity 2016 KVM Detection (SNMP)
The script attempts to extract the version number from a previous gathered system description from SNMP. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
SNMP Information Detection and Reporting
SNMP based detection and reporting of generic information like e.g. the System Description/sysDescr OID: 1.3.6.1.2.1.1.1.0 gathered from the remote device. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
System Description Detection (SNMP)
Binary data 1431.prm...